Actions
Documentation #42165
openFeature #47765: mgr/dashboard: security improvements
mgr/dashboard: Document new password requirements in the installation documentation
% Done:
0%
Tags:
Backport:
Reviewed:
Affected Versions:
Pull request ID:
Description
Starting with Ceph Octopus, the Dashboard supports enforcing some minimum password complexity rules. These limitations should be documented, so users are aware when creating new user accounts. In particular, it should be noted that a password:
- Must contain at least 8 characters
- Cannot contain username
- Cannot contain any keyword used in Ceph, e.g. "osd", "host", "dashboard", "pool", "block", "nfs", "ceph", "monitors", "gateway", "logs", "crush", "maps"
- Cannot contain any repetitive characters e.g. "aaa"
- Cannot contain any sequencial characters e.g. "abc"
- Must consist of characters from the following groups:
- alphabetic a-z, A-Z
- numbers 0-9
- special chars: !"#$%& \'()*+,-./:;<=>?@[]^_`|~
- any other characters (signs)
Updated by Lenz Grimmer over 4 years ago
- Related to Feature #25232: mgr/dashboard: Support minimum password complexity rules added
Updated by Lenz Grimmer over 3 years ago
- Translation missing: en.field_tag_list changed from security, documentation, installation to security, documentation, installation, low-hanging-fruit
- Category changed from 150 to 175
- Priority changed from Normal to Low
Updated by Lenz Grimmer over 3 years ago
This is partially documented already here: https://docs.ceph.com/en/latest/mgr/dashboard/#password-policy
Updated by Ernesto Puerta about 3 years ago
- Project changed from mgr to Dashboard
- Category changed from 175 to Docs
Updated by Laura Flores about 2 years ago
Himadri Maheshwari will work on this issue.
Actions